- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 13 for impersonate (0.2 sec)
-
security/pkg/server/ca/node_auth.go
Name: caller.PodServiceAccount, } // First, make sure the caller is allowed to impersonate, in general if _, f := na.trustedNodeAccounts[callerSa]; !f { return fmt.Errorf("caller (%v) is not allowed to impersonate", caller) } // Next, make sure the identity they want to impersonate is valid, in general requestedIdentity, err := spiffe.ParseIdentity(requestedIdentityString) if err != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Feb 28 16:41:38 UTC 2024 - 6.4K bytes - Viewed (0) -
releasenotes/notes/49011.yaml
apiVersion: release-notes/v2 kind: feature area: security issue: - 47489 releaseNotes: - |- **Added** support for istio CA to handle node authorization for CSRs with impersonate identity from remote clusters.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Feb 05 15:46:44 UTC 2024 - 328 bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/endpoints/filters/impersonation.go
groupsSpecified := len(req.Header[authenticationv1.ImpersonateGroupHeader]) > 0 // make sure we're allowed to impersonate each thing we're requesting. While we're iterating through, start building username // and group information username := "" groups := []string{} userExtra := map[string][]string{} uid := ""
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Aug 07 10:10:35 UTC 2023 - 9.5K bytes - Viewed (0) -
samples/unixdomainsockets/src/main/java/okhttp3/unixdomainsockets/UnixDomainSocketFactory.java
import java.io.File; import java.io.IOException; import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.Socket; import javax.net.SocketFactory; import jnr.unixsocket.UnixSocketChannel; /** Impersonate TCP-style SocketFactory over UNIX domain sockets. */ public final class UnixDomainSocketFactory extends SocketFactory { private final File path; public UnixDomainSocketFactory(File path) { this.path = path; }
Registered: Sun Jun 16 04:42:17 UTC 2024 - Last Modified: Sun Dec 03 21:33:52 UTC 2023 - 2.1K bytes - Viewed (0) -
platforms/core-execution/build-cache-http/src/main/java/org/gradle/caching/http/HttpBuildCache.java
* <p> * Allowing communication with untrusted servers keeps data encrypted during transmission, * but makes it easier for a man-in-the-middle to impersonate the intended server and capture data. * <p> * This value has no effect if a server is specified using the HTTP protocol (i.e. has SSL disabled). * * @since 4.2 */
Registered: Wed Jun 12 18:38:38 UTC 2024 - Last Modified: Fri Sep 22 09:43:12 UTC 2023 - 7.6K bytes - Viewed (0) -
security/pkg/server/ca/server.go
return nil, status.Error(codes.Unauthenticated, "request impersonation authentication failure") } // Node is authorized to impersonate; overwrite the SAN to the impersonated identity. sans = []string{impersonatedIdentity} } serverCaLog.Debugf("generating a certificate, sans: %v, requested ttl: %s", sans, time.Duration(request.ValidityDuration*int64(time.Second)))
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 28 17:35:26 UTC 2024 - 8K bytes - Viewed (0) -
src/cmd/go/internal/tool/tool.go
// since it is normally only used for building the toolchain in the first // place. However, 'go tool dist list' is useful for listing all supported // platforms. // // If the dist tool does not exist, impersonate this command. if impersonateDistList(args[2:]) { // If it becomes necessary, we could increment an additional counter to indicate // that we're impersonating dist list if knowing that becomes important?
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Fri Apr 05 18:02:11 UTC 2024 - 5.9K bytes - Viewed (0) -
common-protos/k8s.io/api/authentication/v1alpha1/generated.proto
// SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. // When using impersonation, users will receive the user info of the user being impersonated. If impersonation or // request header authentication is used, any extra keys will have their case ignored and returned as lowercase. message SelfSubjectReview { // Standard object's metadata.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 11 18:43:24 UTC 2024 - 2K bytes - Viewed (0) -
staging/src/k8s.io/api/authentication/v1alpha1/generated.proto
// SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. // When using impersonation, users will receive the user info of the user being impersonated. If impersonation or // request header authentication is used, any extra keys will have their case ignored and returned as lowercase. message SelfSubjectReview { // Standard object's metadata.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 28 15:34:11 UTC 2024 - 2K bytes - Viewed (0) -
staging/src/k8s.io/api/authentication/v1beta1/generated.proto
repeated string items = 1; } // SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. // When using impersonation, users will receive the user info of the user being impersonated. If impersonation or // request header authentication is used, any extra keys will have their case ignored and returned as lowercase. message SelfSubjectReview { // Standard object's metadata.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 28 15:34:11 UTC 2024 - 5.3K bytes - Viewed (0)